WIRELESS SHARED OMNIBUS ACCESS CONTROL METHOD AND SYSTEM
An owner-tenant wireless shared omnibus access control system configured to enable owners and tenant users of an electronic access control system to seamlessly access a lock that is shared between remote site owners and one or more tenants, while maintaining access control and audit trail with minimal administrative overhead. An owner-tenant wireless shared omnibus access control system may be operably configured to enable expanded or limited access and audit trail information based on different user roles and permissions comprising an owner user and a tenant user.
The present application claims the benefit of U.S. Provisional Application Ser. No. 63/168,190, filed on Mar. 30, 2021, and entitled “WIRELESS SHARED OMNIBUS ACCESS CONTROL METHOD FOR ELECTRONIC ACCESS CONTROL SYSTEMS”; the entirety of which is incorporated herein at least by virtue of this reference.
FIELDThe present disclosure relates to the field of electronic access control systems; in particular, an owner-tenant wireless shared omnibus access control system and method for use within electronic access control systems.
BACKGROUNDVarious access control systems are utilized to restrict access to secure locations for various safety and security reasons. There are many situations in which users of an access control system, such as field technicians, need to access a secure location in order to service equipment and/or perform various activities. Such locations may include, for example, cell towers, rail cabinets, transportation containers and many other areas that maintain infrastructure operations. Many of these sites utilize various types of electronic access control (EAC) applications and locks to provide and restrict access to the site so that access can be controlled and monitored while improving security and operational efficiencies. In various real-world use cases, a single site may include multiple types/makes of EAC equipment associated with multiple EAC system owners and tenants.
While EAC systems provide many operational efficiencies and advantages over mechanical locks, a problem is that for access-controlled sites comprising multiple types/makes of EAC equipment securing multiple access points, each EAC system owner and/or tenant system requires different credentials and can become problematic when access credentials need to be shared across different users for different systems. These credentials can be, for example, smartphone, tablet, and mobile electronic device-based applications. In such cases, an individual user will often need to download, configure and utilize a variety of disparate applications to enable electronic access controls across each owner or tenant system at one or more sites.
Through applied effort, ingenuity, and innovation, Applicant has identified a number of deficiencies and problems with shared access methods in electronic access control systems. Applicant has developed a solution that is embodied by the present invention, which is described in detail below.
SUMMARYThe following presents a simplified summary of some embodiments of the invention in order to provide a basic understanding of the invention. This summary is not an extensive overview of the invention. It is not intended to identify key/critical elements of the invention or to delineate the scope of the invention. Its sole purpose is to present some embodiments of the invention in a simplified form as a prelude to the more detailed description that is presented later.
Certain aspects of the present disclosure provide for an owner-tenant wireless shared omnibus access control system configured to enable owners and tenant users of an electronic access control system to seamlessly access a lock that is shared between remote site owners and one or more tenants, while maintaining access control and audit trail with minimal administrative overhead. The owner-tenant wireless shared omnibus access control system of the present disclosure may be implemented with a variety of wirelessly controlled electronic locking devices including, but not limited to, wireless electronic gate locks, puck locks, blocker-secured cabinets/generators/shrouds, 5G poles, door lock secured shelters and the like.
An object of the present disclosure is to provide for an owner-tenant wireless shared omnibus access control system configured to enable expanded or limited access and audit trail information based on different user roles and permissions comprising an owner user and a tenant user. In accordance with certain aspects of the present disclosure, an owner user may desire to have full access rights and audit trail information for one or more non-owner users and vendors that access an access-controlled site via an electronic access control lock. The owner user may also desire to provide one or more tenant users with a single omnibus account that enables the tenant user to access the access-controlled site based on one or more configurable permissions and conditions (e.g., location, time, duration, etc.). However, in certain exemplary use cases, a tenant user may not want to share certain confidential information, such as personal identifying information, with the owner. In accordance with certain aspects of the present disclosure, an omnibus tenant account may enable the tenant user to grant access to their own employees and vendors without sharing user or system confidential information with the owner user. An audit trail for the owner user may comprise user identification and confidential access information for non-owner users within the owner user's organization and de-identifying/non-confidential access information for tenant users, such as time, high level purpose and optionally contact information and the like.
Certain aspects of the present disclosure provide for an electronic access control system, comprising one or more electronic access control devices; at least one client device associated with at least one user type; and at least one remote server communicably engaged with the one or more electronic access control devices and the at least one remote server, wherein the at least one remote server comprises at least one processor and a non-transitory computer-readable medium comprising executable computer program instructions stored thereon that, when executed, command the at least one processor to perform one or more operations, the one or more operations comprising configuring an omnibus account for a tenant user, wherein the omnibus account is configured to enable the tenant user to create one or more sub-user accounts within the omnibus account; configuring an administrator account for an owner user, wherein the administrator account is configured to enable the owner user to selectively revoke access rights and one or more permissions for the tenant user and the one or more sub-user accounts; configuring a first audit log for the tenant user, wherein the first audit log comprises access history data and user information data associated with the omnibus account; and configuring a second audit log for the owner user, wherein the second audit log comprises only the access history data associated with the omnibus account.
In accordance with certain embodiments, the omnibus account may be configured to enable the tenant user to temporarily grant access rights for the one or more electronic access control devices to one or more guest users. In accordance with certain embodiments, the one or more operations may further comprise providing a mobile application to the at least one client device, wherein the mobile application comprises a graphical user interface for configuring one or more settings of the omnibus account or the administrator account. In accordance with certain embodiments, the one or more operations may further comprise communicating one or more user credentials to the at least one client device. In accordance with certain embodiments, the administrator account may be configured to enable the owner user to configure two or more lock types for the one or more electronic access control devices. In accordance with certain aspects of the present disclosure, the two or more lock types may comprise owned locks and shared locks. In accordance with certain embodiments, the omnibus account may be configured to enable the tenant user to selectively grant access permissions to the shared locks to one or more sub-users. In accordance with certain embodiments, the administrator account may be configured to enable the owner user to selectively grant access permissions to the owned locks to one or more other users. In accordance with certain embodiments, the omnibus account may be configured to enable the tenant user to configure two or more lock types for the one or more electronic access control devices, wherein the two or more lock types comprise tenant locks and shared locks. In accordance with certain embodiments, the omnibus account may be configured to enable the tenant user to selectively grant access permissions to the tenant locks to one or more other users.
Further aspects of the present disclosure provide for an electronic access control method, comprising configuring, with at least one server, an omnibus account for a tenant user, wherein the omnibus account is configured to enable the tenant user to create one or more sub-user accounts within the omnibus account; configuring, with the at least one server, an administrator account for an owner user, wherein the administrator account is configured to enable the owner user to selectively revoke access rights and one or more permissions for the tenant user and the one or more sub-user accounts; providing, with the at least one server, a mobile application to at least one client device, wherein the mobile application comprises a graphical user interface for configuring one or more settings of the omnibus account or the administrator account; configuring, with at least one client device via the graphical user interface, one or more lock types for one or more electronic access control devices; configuring, with the at least one client device via the graphical user interface, one or more access credentials for the one or more electronic access control devices; and communicating, with the at least one server, the one or more access credentials to the one or more sub-user accounts.
Still further aspects of the present disclosure provide for a non-transitory computer-readable medium comprising executable computer program instructions stored thereon that, when executed, command at least one processor to perform one or more operations of an electronic access control method, the one or more operations comprising configuring an omnibus account for a tenant user, wherein the omnibus account is configured to enable the tenant user to create one or more sub-user accounts within the omnibus account; configuring an administrator account for an owner user, wherein the administrator account is configured to enable the owner user to selectively revoke access rights and one or more permissions for the tenant user and the one or more sub-user accounts; configuring a first audit log for the tenant user, wherein the first audit log comprises access history data and user information data associated with the omnibus account; and configuring a second audit log for the owner user, wherein the second audit log comprises only the access history data associated with the omnibus account.
The foregoing has outlined rather broadly the more pertinent and important features of the present invention so that the detailed description of the invention that follows may be better understood and so that the present contribution to the art can be more fully appreciated. Additional features of the invention will be described hereinafter which form the subject of the claims of the invention. It should be appreciated by those skilled in the art that the conception and the disclosed specific methods and structures may be readily utilized as a basis for modifying or designing other structures for carrying out the same purposes of the present invention. It should be realized by those skilled in the art that such equivalent structures do not depart from the spirit and scope of the invention as set forth in the appended claims.
The skilled artisan will understand that the figures, described herein, are for illustration purposes only. It is to be understood that in some instances various aspects of the described implementations may be shown exaggerated or enlarged to facilitate an understanding of the described implementations. In the drawings, like reference characters generally refer to like features, functionally similar and/or structurally similar elements throughout the various drawings. The drawings are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the teachings. The drawings are not intended to limit the scope of the present teachings in any way. The system and method may be better understood from the following illustrative description with reference to the following drawings in which:
Embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which some, but not all, embodiments of the invention are shown. Indeed, the invention may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will satisfy applicable legal requirements. Where possible, any terms expressed in the singular form herein are meant to also include the plural form and vice versa, unless explicitly stated otherwise. Also, as used herein, the term “a” and/or “an” shall mean “one or more,” even though the phrase “one or more” is also used herein. Furthermore, when it is said herein that something is “based on” something else, it may be based on one or more other things as well. In other words, unless expressly indicated otherwise, as used herein “based on” means “based at least in part on” or “based at least partially on.” Like numbers refer to like elements throughout. All definitions, as defined and used herein, should be understood to control over dictionary definitions, definitions in documents incorporated by reference, and/or ordinary meanings of the defined terms.
It should be appreciated that various concepts introduced above and discussed in greater detail below may be implemented in any of numerous ways, as the disclosed concepts are not limited to any particular manner of implementation. Examples of specific implementations and applications are provided primarily for illustrative purposes. The present disclosure should in no way be limited to the exemplary implementation and techniques illustrated in the drawings and described below.
Where a range of values is provided, it is understood that each intervening value, to the tenth of the unit of the lower limit unless the context clearly dictates otherwise, between the upper and lower limit of that range and any other stated or intervening value in that stated range is encompassed by the invention. The upper and lower limits of these smaller ranges may independently be included in the smaller ranges, and are also encompassed by the invention, subject to any specifically excluded limit in a stated range. Where a stated range includes one or both of the endpoint limits, ranges excluding either or both of those included endpoints are also included in the scope of the invention.
As used herein, “exemplary” means serving as an example or illustration and does not necessarily denote ideal or best.
As used herein, the term “includes” means includes but is not limited to, the term “including” means including but not limited to. The term “based on” means based at least in part on.
As used herein, the term “interface” refers to any shared boundary across which two or more separate components of a computer system may exchange information. The exchange can be between software, computer hardware, peripheral devices, humans, and combinations thereof. The term “interface” may be further defined as any shared boundary or connection between two dissimilar objects, devices or systems through which information or power is passed and/or a mechanical, functional and/or operational relationship is established and/or accomplished. Such shared boundary or connection may be physical, electrical, logical and/or combinations thereof.
Certain benefits and advantages of the present disclosure include an owner-tenant wireless shared omnibus access control system, wherein: technicians/non-owner users can quickly access shared locks using their existing access process without having to complete additional access processes; site owners/administrators do not have to be involved with granting and revoking access to each site tenant individual once the tenant organization is set up in an application database; and site owners and tenants have different levels of visibility into access reports so that personally identifying information for tenant users is hidden from owner users, while still ensuring that owner users can track access events for a tenant user.
In accordance with certain embodiments, an owner-tenant wireless shared omnibus access control system may comprise one or more user roles, including: Owner/Administrator—a system user that has access privileges to create and edit settings and users in the owner-tenant wireless shared omnibus access control system; Tenant User—a system user that is granted sub-administrator rights by the Owner/Administrator; and Non-Owner/Technician User—a system user that uses Usernames/Passwords or PINs for a credential and is either an employee or contractor that will need to access a site for service or installation work.
Turning now descriptively to the drawings, in which similar reference characters denote similar elements throughout the several views,
In accordance with certain aspects of the present disclosure, owner-user account 102 is operably configured to configured one or more of a non-owner account 108 and a tenant-user account 104. In certain embodiments, non-owner account 108 may be associated with a non-owner user (e.g., a service technician for a premises or location secured by electronic lock device 110) and tenant-user account 104 may be associated with a tenant user (e.g., a tenant of a premises or location secured by electronic lock device 110). In accordance with certain embodiments, tenant-user account 104 may be configured to enable the tenant user to configure one or more credentials and/or access permissions for electronic lock device 110 for one or more subtenant accounts 106. Subtenant accounts 106 may be associated with one or more subtenant users, such as employees or invitees of the tenant user.
In accordance with certain aspects of the present disclosure, system 100 comprises one or more routines or operations for processing a user access request from a user other than the owner user. In certain embodiments, one or more routines or operations for processing a user access request comprise creating, via the owner user account 102, a new user/guest user. In certain embodiments, the owner user can create a new credential as well as distribute a credential for an authorized user if configured to do so via email/text (PIN is optional). In certain embodiments, owner user account 102 can only store one PIN per non-owner user or tenant user. Once a new credential is created, the owner user can send a credential distribution request for a user to EAC server 114. EAC server 114 sends the credential to the user in need of access via email/text (PIN distribution is optional). In accordance with certain embodiments, another user's credential is never shared with the user that requests access for that other user. In accordance with certain embodiments, an access request must minimally have an organization, username, cell #, credential type, site (if access control) and can utilize a search field for these fields. In accordance with certain aspects of the present disclosure, owner-user account 102 and/or tenant-user account 104 may be communicably engaged with EAC server 114 via network 112 to execute one or more routines or operations for a user registration process for system 100.
Referring now to
In accordance with certain aspects of the present disclosure, routine 200 may continue by enabling one or more steps or operations for a user to receive the user credentials, including the registration ID, at a user device (Block 208). In accordance with certain aspects of the present disclosure, the user device may comprise a client of the server. In certain embodiments, the user device may comprise a smart phone, a tablet computer, a mobile electronic computing device, a personal computing device or workstation, and the like. In accordance with certain aspects of the present disclosure, routine 200 may continue by enabling one or more steps or operations to enable the user to download/install an end user application at the user device (Block 210). In certain embodiments, the one or more steps or operations may include scanning a machine-readable optical code or providing a link (e.g., via text message) to an application store to begin the software download. In accordance with certain aspects of the present disclosure, routine 200 may continue by enabling one or more steps or operations for the user to launch the end user application and input the user credentials (e.g., registration ID) at a graphical user interface (GUI) of the end user application (Block 212). In accordance with certain embodiments, the user credentials may comprise a user personal identification number (PIN). In certain embodiments, routine 200 may continue by enabling one or more steps or operations for the user to input certain user account information at the GUI; for example, personally identifiable information such as cell phone number, name, company and the like (Block 214). Routine 200 may conclude by performing one or more steps or operations for storing the user account information at the server (Block 216).
Referring now to
Referring now to
Referring now to
Referring now to
In accordance with certain aspects of the present disclosure, routine 500 may comprise one or more steps or operations to enable the owner user to configure one or more EAC devices in the owner account (Block 510). In accordance with certain embodiments, the one or more EAC devices may be configured as “Shared Devices” or “Owned Devices.” In accordance with certain embodiments, routine 500 may be configured to enable the owner user to provide credentials for the Shared Devices to the one or more tenant users via the user interface of the owner account (Block 512). For Owned Devices, routine 500 may be configured to enable the owner user to share access data directly with one or more other users (e.g., non-owner accounts 108 of
In accordance with certain aspects of the present disclosure, routine 500 may comprise one or more steps or operations to generate a full audit log comprising access data for the EAC devices and user identification data for user access to the EAC devices (Block 526). Routine 500 may comprise one or more steps or operations for rendering, at the graphical user interface of the omnibus account, an overview of the system configurations (e.g., locks, users, locations) for the omnibus account and/or the audit log for the access and user history for the omnibus account (Block 528). In accordance with certain embodiments, routine 500 may comprise one or more steps or operations to enable the tenant user to modify one or more devices settings, user permissions and/or account configurations for the omnibus account (Block 530). In accordance with certain aspects of the present disclosure, routine 500 may comprise one or more steps or operations for generating a partial audit log of access history data associated with the omnibus account (Block 532). In accordance with certain embodiments, the partial audit log contains only access events (e.g., times and dates of access at which devices) for the Shared Devices and does not contain user-identifiable information for the tenant users or sub-users. Routine 500 may comprise one or more steps or operations for rendering, at the graphical user interface of the owner account, an overview of the system configurations (e.g., locks, users, locations) for the owner account (including shared account configurations) and/or the audit log for the access and user history for the owner account (including the partial audit log) (Block 534). In accordance with certain embodiments, routine 500 may comprise one or more steps or operations to enable the owner user to modify one or more device settings, user permissions and/or account configurations for the omnibus account (Block 536).
Referring now to
In accordance with certain aspects of the present disclosure, method 600 may include one or more additional steps or sub-steps in addition to steps 602-614. In accordance with certain embodiments, method 600 may further comprise one or more steps or operations for configuring (e.g., with the at least one server) a first audit log for the tenant user. In accordance with certain embodiments, the first audit log may comprise access history data and user information data associated with the omnibus account. In accordance with certain embodiments, method 600 may further comprise one or more steps or operations for configuring (e.g., with the at least one server), a second audit log for the owner user. In accordance with certain embodiments, the second audit log may comprise only the access history data associated with the omnibus account. In accordance with certain embodiments, method 600 may further comprise one or more steps or operations for assigning (e.g., with the at least one server) a uniform resource locator to each electronic access control device in the one or more electronic access control devices. In accordance with certain embodiments, method 600 may further comprise one or more steps or operations for configuring (e.g., with the at least one client device via the omnibus account) temporary access rights for the one or more electronic access control devices to one or more guest users. In accordance with certain embodiments, method 600 may further comprise one or more steps or operations for selectively revoking (e.g., with the at least one client device via the owner account) one or more access rights for the one or more electronic access control devices for the tenant user. In accordance with certain embodiments, method 600 may further comprise one or more steps or operations for configuring (e.g., with at least one server) two or more omnibus accounts for two or more tenant users. In accordance with certain embodiments, method 600 may further comprise one or more steps or operations for configuring (e.g., with at least one server) an access code or pin for accessing the one or more electronic access control devices for each tenant user in the two or more tenant users.
Referring now to
In use, the processing system 700 is adapted to allow data or information to be stored in and/or retrieved from, via wired or wireless communication means, at least one database 716. The interface 712 may allow wired and/or wireless communication between the processing unit 702 and peripheral components that may serve a specialized purpose. In general, the processor 702 can receive instructions as input data 718 via input device 706 and can display processed results or other output to a user by utilizing output device 708. More than one input device 706 and/or output device 708 can be provided. It should be appreciated that the processing system 700 may be any form of terminal, server, specialized hardware, or the like.
It is to be appreciated that the processing system 700 may be a part of a networked communications system. Processing system 700 could connect to a network, for example the Internet or a WAN. Input data 718 and output data 720 can be communicated to other devices via the network. The transfer of information and/or data over the network can be achieved using wired communications means or wireless communications means. A server can facilitate the transfer of data between the network and one or more databases. A server and one or more database(s) provide an example of a suitable information source.
Thus, the processing computing system environment 700 illustrated in
It is to be further appreciated that the logical connections depicted in
In the description that follows, certain embodiments may be described with reference to acts and symbolic representations of operations that are performed by one or more computing devices, such as the computing system environment 700 of
Embodiments may be implemented with numerous other general-purpose or special-purpose computing devices and computing system environments or configurations. Examples of well-known computing systems, environments, and configurations that may be suitable for use with embodiments of the invention include, but are not limited to, personal computers, handheld or laptop devices, personal digital assistants, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, networks, minicomputers, server computers, game server computers, web server computers, mainframe computers, and distributed computing environments that include any of the above systems or devices.
Embodiments may be described in a general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc., that perform particular tasks or implement particular abstract data types. An embodiment may also be practiced in a distributed computing environment where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
With the exemplary computing system environment 700 of
As will be appreciated by one of skill in the art, the present invention may be embodied as a method (including, for example, a computer-implemented process, a business process, and/or any other process), apparatus (including, for example, a system, machine, device, computer program product, and/or the like), or a combination of the foregoing. Accordingly, embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.), or an embodiment combining software and hardware aspects that may generally be referred to herein as a “system.” Furthermore, embodiments of the present invention may take the form of a computer program product on a computer-readable medium having computer-executable program code embodied in the medium.
Any suitable transitory or non-transitory computer readable medium may be utilized. The computer readable medium may be, for example but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device. More specific examples of the computer readable medium include, but are not limited to, the following: an electrical connection having one or more wires; a tangible storage medium such as a portable computer diskette, a hard disk, a random-access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a compact disc read-only memory (CD-ROM), or other optical or magnetic storage device.
In the context of this document, a computer readable medium may be any medium that can contain, store, communicate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. The computer usable program code may be transmitted using any appropriate medium, including but not limited to the Internet, wireline, optical fiber cable, radio frequency (RF) signals, or other mediums.
Computer-executable program code for carrying out operations of embodiments of the present invention may be written in an object oriented, scripted or unscripted programming language such as Java, Perl, Smalltalk, C++, or the like. However, the computer program code for carrying out operations of embodiments of the present invention may also be written in conventional procedural programming languages, such as the “C” programming language or similar programming languages.
Embodiments of the present invention are described above with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products. It will be understood that each block of the flowchart illustrations and/or block diagrams, and/or combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-executable program code portions. These computer-executable program code portions may be provided to a processor of a general-purpose computer, special purpose computer, or other programmable data processing apparatus to produce a particular machine, such that the code portions, which execute via the processor of the computer or other programmable data processing apparatus, create mechanisms for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
These computer-executable program code portions (i.e., computer-executable instructions) may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the code portions stored in the computer readable memory produce an article of manufacture including instruction mechanisms which implement the function/act specified in the flowchart and/or block diagram block(s). Computer-executable instructions may be in many forms, such as program modules, executed by one or more computers or other devices. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. Typically, the functionality of the program modules may be combined or distributed as desired in various embodiments.
The computer-executable program code may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational phases to be performed on the computer or other programmable apparatus to produce a computer-implemented process such that the code portions which execute on the computer or other programmable apparatus provide phases for implementing the functions/acts specified in the flowchart and/or block diagram block(s). Alternatively, computer program implemented phases or acts may be combined with operator or human implemented phases or acts in order to carry out an embodiment of the invention.
As the phrases are used herein, a processor may be “operable to” or “configured to” perform a certain function in a variety of ways, including, for example, by having one or more general-purpose circuits perform the function by executing particular computer-executable program code embodied in computer-readable medium, and/or by having one or more application-specific circuits perform the function.
The terms “program” or “software” are used herein in a generic sense to refer to any type of computer code or set of computer-executable instructions that can be employed to program a computer or other processor to implement various aspects of the present technology as discussed above. Additionally, it should be appreciated that according to one aspect of this embodiment, one or more computer programs that when executed perform methods of the present technology need not reside on a single computer or processor but may be distributed in a modular fashion amongst a number of different computers or processors to implement various aspects of the present technology.
All definitions, as defined and used herein, should be understood to control over dictionary definitions, definitions in documents incorporated by reference, and/or ordinary meanings of the defined terms.
The indefinite articles “a” and “an,” as used herein in the specification and in the claims, unless clearly indicated to the contrary, should be understood to mean “at least one.” As used herein, the terms “right,” “left,” “top,” “bottom,” “upper,” “lower,” “inner” and “outer” designate directions in the drawings to which reference is made.
The phrase “and/or,” as used herein in the specification and in the claims, should be understood to mean “either or both” of the elements so conjoined, i.e., elements that are conjunctively present in some cases and disjunctively present in other cases. Multiple elements listed with “and/or” should be construed in the same fashion, i.e., “one or more” of the elements so conjoined. Other elements may optionally be present other than the elements specifically identified by the “and/or” clause, whether related or unrelated to those elements specifically identified. Thus, as a non-limiting example, a reference to “A and/or B”, when used in conjunction with open-ended language such as “comprising” can refer, in one embodiment, to A only (optionally including elements other than B); in another embodiment, to B only (optionally including elements other than A); in yet another embodiment, to both A and B (optionally including other elements); etc.
As used herein in the specification and in the claims, “or” should be understood to have the same meaning as “and/or” as defined above. For example, when separating items in a list, “or” or “and/or” shall be interpreted as being inclusive, i.e., the inclusion of at least one, but also including more than one, of a number or list of elements, and, optionally, additional unlisted items. Only terms clearly indicated to the contrary, such as “only one of” or “exactly one of,” or, when used in the claims, “consisting of,” will refer to the inclusion of exactly one element of a number or list of elements. In general, the term “or” as used herein shall only be interpreted as indicating exclusive alternatives (i.e., “one or the other but not both”) when preceded by terms of exclusivity, such as “either,” “one of,” “only one of,” or “exactly one of.” “Consisting essentially of,” when used in the claims, shall have its ordinary meaning as used in the field of patent law.
As used herein in the specification and in the claims, the phrase “at least one,” in reference to a list of one or more elements, should be understood to mean at least one element selected from any one or more of the elements in the list of elements, but not necessarily including at least one of each and every element specifically listed within the list of elements and not excluding any combinations of elements in the list of elements. This definition also allows that elements may optionally be present other than the elements specifically identified within the list of elements to which the phrase “at least one” refers, whether related or unrelated to those elements specifically identified. Thus, as a non-limiting example, “at least one of A and B” (or, equivalently, “at least one of A or B,” or, equivalently “at least one of A and/or B”) can refer, in one embodiment, to at least one, optionally including more than one, A, with no B present (and optionally including elements other than B); in another embodiment, to at least one, optionally including more than one, B, with no A present (and optionally including elements other than A); in yet another embodiment, to at least one, optionally including more than one, A, and at least one, optionally including more than one, B (and optionally including other elements); etc.
In the claims, as well as in the specification above, all transitional phrases such as “comprising,” “including,” “carrying,” “having,” “containing,” “involving,” “holding,” “composed of,” and the like are to be understood to be open-ended, i.e., to mean including but not limited to. Only the transitional phrases “consisting of” and “consisting essentially of” shall be closed or semi-closed transitional phrases, respectively, as set forth in the United States Patent Office Manual of Patent Examining Procedures, Section 2111.03.
The present disclosure includes that contained in the appended claims as well as that of the foregoing description. Although this invention has been described in its exemplary forms with a certain degree of particularity, it is understood that the present disclosure of has been made only by way of example and numerous changes in the details of construction and combination and arrangement of parts may be employed without departing from the spirit and scope of the invention.
Claims
1. An electronic access control system, comprising:
- one or more electronic access control devices;
- at least one client device associated with at least one user type; and
- at least one remote server communicably engaged with the one or more electronic access control devices and the at least one remote server,
- wherein the at least one remote server comprises at least one processor and a non-transitory computer-readable medium comprising executable computer program instructions stored thereon that, when executed, command the at least one processor to perform one or more operations, the one or more operations comprising: configuring an omnibus account for a tenant user, wherein the omnibus account is configured to enable the tenant user to create one or more sub-user accounts within the omnibus account; configuring an administrator account for an owner user, wherein the administrator account is configured to enable the owner user to selectively revoke access rights and one or more permissions for the tenant user and the one or more sub-user accounts; configuring a first audit log for the tenant user, wherein the first audit log comprises access history data and user information data associated with the omnibus account; and configuring a second audit log for the owner user, wherein the second audit log comprises only the access history data associated with the omnibus account.
2. The electronic access control system of claim 1 wherein the omnibus account is configured to enable the tenant user to temporarily grant access rights for the one or more electronic access control devices to one or more guest users.
3. The electronic access control system of claim 1 wherein the one or more operations further comprise providing a mobile application to the at least one client device, wherein the mobile application comprises a graphical user interface for configuring one or more settings of the omnibus account or the administrator account.
4. The electronic access control system of claim 1 wherein the one or more operations further comprise communicating one or more user credentials to the at least one client device.
5. The electronic access control system of claim 1 wherein the administrator account is configured to enable the owner user to configure two or more lock types for the one or more electronic access control devices, wherein the two or more lock types comprise owned locks and shared locks.
6. The electronic access control system of claim 5 wherein the omnibus account is configured to enable the tenant user to selectively grant access permissions to the shared locks to one or more sub-users.
7. The electronic access control system of claim 5 wherein the administrator account is configured to enable the owner user to selectively grant access permissions to the owned locks to one or more other users.
8. The electronic access control system of claim 1 wherein the omnibus account is configured to enable the tenant user to configure two or more lock types for the one or more electronic access control devices, wherein the two or more lock types comprise tenant locks and shared locks.
9. The electronic access control system of claim 8 wherein the omnibus account is configured to enable the tenant user to selectively grant access permissions to the tenant locks to one or more other users.
10. An electronic access control method, comprising:
- configuring, with at least one server, an omnibus account for a tenant user, wherein the omnibus account is configured to enable the tenant user to create one or more sub-user accounts within the omnibus account;
- configuring, with the at least one server, an administrator account for an owner user, wherein the administrator account is configured to enable the owner user to selectively revoke access rights and one or more permissions for the tenant user and the one or more sub-user accounts;
- providing, with the at least one server, a mobile application to at least one client device, wherein the mobile application comprises a graphical user interface for configuring one or more settings of the omnibus account or the administrator account;
- configuring, with at least one client device via the graphical user interface, one or more lock types for one or more electronic access control devices;
- configuring, with the at least one client device via the graphical user interface, one or more access credentials for the one or more electronic access control devices; and
- communicating, with the at least one server, the one or more access credentials to the omnibus account or the one or more sub-user accounts.
11. The electronic access control method of claim 10 further comprising configuring, with the at least one server, a first audit log for the tenant user.
12. The electronic access control method of claim 11 wherein the first audit log comprises access history data and user information data associated with the omnibus account.
13. The electronic access control method of claim 12 further comprising configuring, with the at least one server, a second audit log for the owner user.
14. The electronic access control method of claim 13 wherein the second audit log comprises only the access history data associated with the omnibus account.
15. The electronic access control method of claim 10 further comprising assigning, with the at least one server, a uniform resource locator to each electronic access control device in the one or more electronic access control devices.
16. The electronic access control method of claim 10 further comprising configuring, with the at least one client device via the omnibus account, temporary access rights for the one or more electronic access control devices to one or more guest users.
17. The electronic access control method of claim 10 further comprising selectively revoking, with the at least one client device via the owner account, one or more access rights for the one or more electronic access control devices for the tenant user.
18. The electronic access control method of claim 10 further comprising configuring, with the at least one server, two or more omnibus accounts for two or more tenant users.
19. The electronic access control method of claim 18 further comprising configuring, with the at least one server, an access code or pin for accessing the one or more electronic access control devices for each tenant user in the two or more tenant users.
20. A non-transitory computer-readable medium comprising executable computer program instructions stored thereon that, when executed, command at least one processor to perform one or more operations of an electronic access control method, the one or more operations comprising:
- configuring an omnibus account for a tenant user, wherein the omnibus account is configured to enable the tenant user to create one or more sub-user accounts within the omnibus account;
- configuring an administrator account for an owner user, wherein the administrator account is configured to enable the owner user to selectively revoke access rights and one or more permissions for the tenant user and the one or more sub-user accounts;
- configuring a first audit log for the tenant user, wherein the first audit log comprises access history data and user information data associated with the omnibus account; and
- configuring a second audit log for the owner user, wherein the second audit log comprises only the access history data associated with the omnibus account.
Type: Application
Filed: Mar 30, 2022
Publication Date: Oct 13, 2022
Inventor: Matthew Frank Trapani (Deerfield, IL)
Application Number: 17/709,201